So, i got the assignment of setting up a web server to execute code on a remote client machine. I started planning what was needed for this to be successful. Things the system needed to do :

• Execute exe on client
• Somehow give information of infected PC
• Work on a windows platform

To performe test of the system, it was decided that this would be made in a closed environment (no outside access) inde a Virtual machine. The setup looks like this : Gonna go through each of them : WAN device is a OpenWRT running in a virtual machine with 2 NIc’s attached to it.  The virtual machine is like this

• eth0 (wan port) is bridging the wireless-lan with the host computer giving seperate IP.
• eth1 (lan port) = this port is set to internal lan only with a alias name of “intranet”

This machine is responsable for the system’s routing and internet access. The Linux machine is running a XAMPP. This is the machine that makes it all happen. It has 1 NIC

• eth0 (lan port) = Internal netowork named “Intranet”

The machine is hosting the website that will be used to target windows xp machines with the exploite called “Uninitialized Memory Corruption” Last we have the windowx xp machine. This computer has 1 NIC aswell

• eth0 (lan port) = Internal netowork named “Intranet”

The sole purpose of this machine is to be hacked. Everything about this machine screams “hack me” since almost all the software is at least 3 years old. (In order to make this also old hack possible).

• About
• Latest Posts

Martin Jørgensen

Got my degree from EAL in 2012 as an IT-Technologist with specialty in network. I enjoy living in a century where I can earn a living doing my hobby. Material I publish here are often part of my small projects.

Latest posts by Martin Jørgensen (see all)

• Integrate Phpmyadmin & Nginx in Arch - April 10, 2016
• Installing Nginx MariaDB and PHP in Arch Linux - April 6, 2016
• Low power home server build - June 20, 2015